github qdm12/gluetun v3.25.0
on GitHub

latest releases: v3.38.0, v3.37.0, v3.36.0...
2 years ago

Features

  • ExpressVPN support (#623)
  • WeVPN support (#591)
  • Healthcheck uses DNS and ping to github.com instead of only DNS to avoid relying on DNS cache
  • HEALTH_ADDRESS_TO_PING variable
  • Adapt logger prefix to VPN used
    • openvpn: for OpenVPN
    • wireguard: for Wireguard
  • VPNSP value custom for OpenVPN custom config files (#621)
  • VPNSP value custom for Wireguard custom configuration
    • WIREGUARD_PUBLIC_KEY variable
    • WIREGUARD_ENDPOINT_IP variable
  • OpenVPN custom configuration file is reloaded on VPN restarts
  • OpenVPN custom configuration file is parsed at start to log out valid settings
  • Support IPv6 routing for Wireguard
  • Log Wireguard server endpoint
  • Log Wireguard keys when LOG_LEVEL=debug
  • Windscribe OpenVPN default cipher set to aes-256-gcm
  • Update server information built-in
    • Cyberghost
    • FastestVPN
    • Mullvad
  • format-servers CLI command

Changes

  • VPNSP=custom OpenVPN configuration file:
    • up and down options are not filtered out
    • OPENVPN_INTERFACE overrides the network interface defined in the configuration file
    • PORT overrides any port found in the configuration file
  • Remove NordVPN SERVER_NAME filter functionality
    • Filter was not effective
    • Is to be deprecated in v4 anyway
    • Bump NordVPN server model version to 3
    • Remove Name field from NordVPN server model
  • Remove CYBERGHOST_GROUP as it does not make sense anymore with newer server data

Fixes

  • Set non block on TUN device
  • Close HTTP client connections when tunnel comes up
  • Public IP loop deadlock
  • OpenVPN VPNSP=custom does not deduplicate lines
  • PureVPN remove OpenVPN cipher option AES-256-CBC
  • Cyberghost OpenVPN cipher option defaults to aes-128-gcm
  • Repository servers.json path for maintainer server update cli
  • Add missing HTTP status code check for Windscribe API
  • PIA_ENCRYPTION default in Go program
    • Defaults to strong instead of strong certificate string
    • No impact on Docker images since variable is set to strong in Dockerfile
    • Only read PIA_ENCRYPTION if service provider is PIA
  • (Security) Remove OpenVPN compression option (affects FastestVPN, Hide My Ass, IP Vanish, IVPN, NordVPN, PIA, PrivateVPN, ProtonVPN, Torguard, VPN Unlimited, VyprVPN)
  • FastestVPN updated OpenVPN configuration
  • HideMyAss: Cote d'Ivoire server country name
  • Log errors with error level for OpenVPN
  • PIA SERVER_NAME variable functionality

Documentation

  • Readme
    • Update with updated Wiki pages and links
    • Add Wireguard in top description
    • Add Console Substack interview link
    • Remove docker-compose.yml file which is now inlined in readme
    • Update Wireguard support list
  • Issue templates
    • Add Unraid template issue contact link to discussion #550
    • Add Wiki issue yml template
    • Replace help issue template by issue contact link to Github discussion
    • Update bug issue template to use yml format
    • Update feature request issue template to use yml format
    • Remove default assignees
  • Update maintenance document

Maintenance

  • Rename environment variables with retro-compatibility
    • HEALTH_OPENVPN_DURATION_INITIAL to HEALTH_VPN_DURATION_INITIAL
    • HEALTH_OPENVPN_DURATION_ADDITION to HEALTH_VPN_DURATION_ADDITION
    • WIREGUARD_PORT to WIREGUARD_ENDPOINT_PORT
    • PORT to OPENVPN_PORT
    • PROTOCOL to OPENVPN_PROTOCOL
    • REGION to COUNTRY for Cyberghost
  • OpenVPN options
    • remove deprecated
      • tun-ipv6 (affects all)
      • keysize
      • ncp-disable (affects Cyberghost, PIA, Torguard, Windscribe)
      • keepalive replaced by ping* options
    • remove unneeded
      • script-security (affects Cyberghost, Mullvad, PureVPN, Surfshark, Torguard, Windscribe)
      • ping-timer-rem
      • route-delay (affects Cyberghost, PureVPN)
      • route-method (affects PureVPN)
      • tun-mtu 1500 (affects FastestVPN, NordVPN, ProtonVPN, Surfshark, Torguard)
      • tls-client (affects FastestVPN)
      • ping-exit and ping-restart (affects all)
      • disable-occ (affects PIA to match the Wiki)
    • add only when running without root:
      • persist-tun
      • persist-key
    • add tls-exit to PIA configuration
    • add explicit-exit-notify when using UDP
  • Dynamically set allowed VPN input ports
    • Allow to change VPN type at runtime
    • Allow to change interface name at runtime
    • Add cleanup method to cleanup VPN loop on a vpn shutdown
    • Allow VPN inputs ports only when tunnel is up
  • internal/openvpn/extract package instead of internal/openvpn/custom package
  • internal/openvpn/parse package
    • Parse PEM key data for Cyberghost and VPNUnlimited
    • Add more unit tests
  • All providers' BuildConf method return an error
  • Rename CustomConfig to ConfFile in Settings structures
  • Rename Wireguard CustomPort
  • Use type aliases in internal/netlink
  • Re-order Dockerfile environment variables
  • Improve internal/configuration/health_test.go unit test
  • Re-order OpenVPN options
  • golangci-lint:
    • Remove disable-all: true and enabled by default linters
    • Add more linters
  • Package-local narrow Logger interfaces
  • Package-local log levels
  • Go program uses time/tzdata instead of Alpine's tzdata
  • Go program uses github.com/breml/rootcerts together with Alpine's ca-certificates
  • Bump github.com/fatih/color from 1.12.0 to 1.13.0 (#635)
  • Bump github.com/qdm12/goshutdown from v0.1.0 to v0.3.0
Check out latest releases or
releases around qdm12/gluetun v3.25.0

Don't miss a new gluetun release

NewReleases is sending notifications on new releases.

Get notifications